Computer security biz FireEye has withdrawn claims that the Gauss and Flame super-viruses may be linked. This is after it emerged that what FireEye had thought was a shared command-and-control server, used to send instructions to PCs compromised by the malware, was actually a "sinkhole" maintained by rival researchers at …
Trust No One!
"... so innocent mistakes along these lines are more or less inevitable in the absence of better communication among security firms."
Perhaps if the security firms set up a shared community bulletin board where they could post details of their activities....oh, wait a minute.
"... but this was a system set up by the Russian lab, which had asked DNS providers to redirect data sent from the two software nasties so as to examine their network traffic."
By what authority can Kaspersky ask DNS providers to redirect internet data to their own location in order to analyse it? If I'm working on developing a geographically distributed industrial control and monitoring system, of a novel and hopefully profitable nature, can I trust the DNS providers to not divert my data to Kaspersky, or anyone else so that they can analyse it and copy my techniques?
Re: Trust No One!
"...can I trust the DNS providers to not divert my data to Kaspersky, or anyone else so that they can analyse it and copy my techniques?"
Clearly not, and that is more disturbing than the malware they're investigating.
Re: Trust No One!
If you want hard crypto, you know where to get it though.
Or alternatively... the AV industry is actually stoking up the problem of viruses, malware, and worms to perpetuate their own business models. Shady business practices.... in Russia... surely not!